Crippling Cyber Attack on Australian Media Network Could Be Politically Motivated

March 30, 2021 Updated: March 30, 2021

The cybersecurity director at the Australian Strategic Policy Institute has said that the cyberattack on the Nine Network on Sunday could have been politically motivated.

Fergus Hanson, cybersecurity director at the Australian Strategic Policy Institute, told Nine that while the attack appeared to be a ransomware attack, no ransom was demanded.

“If you did get asked to pay a ransom, it might be a ransomware attack, in which case you would be looking at a cybercriminal,” Hanson said. “If you didn’t get asked to pay a ransom, you may be looking at other actors, including state actors.”

The attack is currently under investigation by the media network and the Australian Cyber Security Centre (ACSC), and Nine said it has managed to isolate the source of the attack.

“Our focus in the first 24 hours was on containment, and we are confident our technology teams have isolated the attacker and the specific destructive activity that was initiated,” Nine’s chief information and technology officer Damian Cronan said.

The network was crippled by the incident, with many of its systems forced offline, causing publishing delays and preventing some shows from airing.

Staff members have also been asked to work from home until further notice.

Nine wrote on Twitter: “Whether it’s criminal sabotage or the work of a foreign nation is still being investigated, but this attack could reveal a nationwide vulnerability.”

The Australian Parliament also suffered a cyber attack over the weekend, which caused the Department of Parliamentary Services (DPS) email service to shut down.

“DPS has commenced a staged restoration of services on DPS issued smartphones and tablets following the disruption over the weekend,” a spokesman told CNN business on Monday. “Protective mechanisms have operated correctly to prevent an unsophisticated attempt to access the Parliamentary Computer Network.”

“The network was not compromised, and there is no identified data loss.”

The news about the cyber attack on Nine and Parliament House comes after two other attacks were registered in Australia in March.

Many of Melbourne’s Eastern Health service systems have remained offline since a cyber attack on March 16, forcing some administration work back to pen and paper and causing significant delays.

Western Australia’s Parliamentary Services Department had also been attacked on March 4, during the middle of the state election. Beijing-backed hackers are suspected to be behind this incident, which was part of a global cyberattack involving Microsoft software.

Last year, cybersecurity was brought to the forefront of Australia’s attention after Prime Minister Scott Morrison said the country’s public and private agencies dealt with sustained cyberattacks from a “sophisticated state-based cyber actor.”

The ASCS has urged many Australian organisations to patch vulnerabilities in the Microsoft Exchange program.